[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: desktop security

Am Saturday 08 May 2004 17:54 schrieb Michael Banck:

> blackbird~$ ls | wc -l
> 284
> I would be highly annoyed if I had 284 Icons on my desktop.

Me too ;-) In fact I also used to just save files to my home instead of 
thinking about a appropriate directory structure. Creating 
the /documents /photos /spreadsheet directory sturcture by default has 
allready been depreciated by KDE because it is not context relevant. I think 
the same applies to /Desktop in many cases.

It is not that those kind of directories would never be right. The question is 
if that would justify making the distinction a default.

Yes, too many files on my Desktop do remember me I didn't organize them well. 
OTOH it is always possible to stuff everything into a ~/Documents directory 
again. You'll end up with the same result as before but with a consistent 
view on your personal area of the filesystem.

Now the last sentence isn't really an issue for you and me, it is just 
something to help beginners to grasp the underlying mental model instead of 
reverting to memorize details.

> Sun threw insane amounts of money for usability studies on how GNOME can
> be modified to be more usable. Seems having $HOME and $DESKTOP seperate
> was deemed good.

Well, that might just be because it is good thing, :) For example in workgroup 
settings $DESKTOP could point to a group directiory. 
(Don't know however as to which degree, and direction sane studies and costs 
allways correlate)

> I can't really follow you here. Please consider the following
> scenario:
> I'm logged into my box. A friend comes around and wants to check his
> Webmail.

In your case, you probably don't have a problem creating a separate guest 
account in advance, and more importantly you would see a reason in login out, 
switching user id and start the xsession again. (in case you wouldn't just 
trust your frient to use your browser)

The idea was rather targeted at a more or less novice convienence user that 
"doesn't want to learn", at least not before using something.

I think it would even be nice for us though, because the proposal is merely to 
integrate the OS permissions model and "su" into desktop environments.

> Do you propose to have the webbrowser run as 'guest' by default and if I
> want to access privacy-sensible sites, I have to change to my own ID?

Only for an easy to use home desktop setup I proposed to localy auto-login as 
guest, default user or local user however you may call it. For some other 
"obviobility" (obvious-ablity) issue (see below) the $HOME of that user could 
additionally be set to /home.

The computer would be usable as any other without bothering about IDs 
beforehand. For simple computer usage this could be all that is ever needed. 
Others might want to create additional user accounts, say for the individual 
family members. The reason for /home as $HOME is to so that personal files 
are only one click away and obviously there upon a boot into the standard 
user account (because they are in a subfolder like /home/joe) . The user 
should be prompted for the password when he tries to enter a directory of 
another user (integrate su).

In fact the .desktop entry of the mail program in the "standard" account could 
have a SubstituteUID=true entry and have a window (kdesu) pop up that prompts 
for the username and password of the id as which the mail program should be 
run. (This is already possible) The password window should also have a button 
like "manage users" that opens up the appropriate user management tool.

> Added IDs on the fly seems to be way more confusing to me, but perhaps
> I've misunderstood you.

Hmm, don't know what you'd understand as on the fly. I hope I could clarify 
the idea more clearly above. The IDs should't be switched automatically. And 
it would be sure great if the user id could be visible in the window title 
like [joe] if windows from different users are open at once.


Reply to: